If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

netbus

I recently installed and configured a netgear router for my computers.I went to a site called PC Flank and had a scan done. The report said everything was stealth except for 12345 which was a popular trojan vulnerability .This was closed but "visible" and therfore presented a risk. I am not sure what I should do about this. I have Zone alarm pro version 3. I went to Google and Zone's technical support but still was confused as what to do? Should I change firewalls?Could someone advise me?. Thanks, Auntie

For hundreds of years the brain was physically capable of the thoughts of a Galelio or an Aristotle among people who had not yet learned to count to ten. Much of that equipment is still unused and waiting.

If I remember correctly, and I'm open to corrections, some AV companies removed Netbus from their definitions because it can be "considered" a remote administraton tool. You can try going to www.agnitum.com and getting TauScan, which will scan your computer for Trojans and remove them

If i remember right, closed usually means that the connection was refused (not accepted); however, it was still something that was noticed and you need to identify what caused that to be noticed. First thing you should do is look at your Zone Alarm applications list and see if you can't find what is using that port (if anything), also bring up a dos prompt and type 'netstat -an' and see if port 12345 is listening. You might wanna try FPORT (www.foundstone.com), that will tell you if any programs are listening on that port. The other possible source would be if the linksys you have has a firewall capability, if so, that port is something that is commonly blocked and could cause you to see those results.

hope that helps,

nebulus

There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

If you have a honey pot program running, such at NukeNabber or TambuUDP Scrambler, they might be listening on port 12345 to 'fool' hackers into thinking its a legit trojan. Make sure its not one of those. Secondly, why not trying another third-party scan, such as Sygate Online Scan?

It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

I don't have anything else to say to instead of giving positive AP i'll just say good answer to all !

Another you might want to try is to telnet to you own computer on port 12345 and it offers you a loggin then you are in infected .
You could also use a port listenners on that port to see wich application is trying to make use of it.